基于网格的 CP-ABE 访问控制，适用于具有懒惰属性分配和属性撤销功能的 SDS 约束

IF 1.3 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security Pub Date : 2024-06-18 DOI:10.1049/2024/6963475

Ting Guo, Abdugeni Abduxkur, Nurmamat Helil

{"title":"基于网格的 CP-ABE 访问控制，适用于具有懒惰属性分配和属性撤销功能的 SDS 约束","authors":"Ting Guo, Abdugeni Abduxkur, Nurmamat Helil","doi":"10.1049/2024/6963475","DOIUrl":null,"url":null,"abstract":"<div>\n <p>Ciphertext-policy attribute-based encryption (CP-ABE) is a cryptographic scheme suitable for secure data sharing on cloud storage. The CP-ABE based on lattice theory has the property of resisting quantum attack. Some data objects uploaded to the cloud by the same data owner may cause conflicts of interest, or their combination may expose sensitive information. This paper proposes a revocable CP-ABE scheme on the lattice, based on ring learning with error (R-LWE) problem, to enforce access control constraints on user access to such data objects. In this scheme, first, the access policies of such data objects are amended by adding dummy attributes. Second, we control the secret key components associated with the dummy attributes or revoke the dummy attributes to prevent users from continuously accessing specific parts or all data objects from this kind of data set. Finally, we carry on the efficiency and security analysis of the scheme. The analysis results show that the scheme is efficient and safe.</p>\n </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2024-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/6963475","citationCount":"0","resultStr":"{\"title\":\"Lattice-Based CP-ABE Access Control for SDS Constraint with Lazy Assignment of Attributes and Attribute Revocation\",\"authors\":\"Ting Guo, Abdugeni Abduxkur, Nurmamat Helil\",\"doi\":\"10.1049/2024/6963475\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>\\n <p>Ciphertext-policy attribute-based encryption (CP-ABE) is a cryptographic scheme suitable for secure data sharing on cloud storage. The CP-ABE based on lattice theory has the property of resisting quantum attack. Some data objects uploaded to the cloud by the same data owner may cause conflicts of interest, or their combination may expose sensitive information. This paper proposes a revocable CP-ABE scheme on the lattice, based on ring learning with error (R-LWE) problem, to enforce access control constraints on user access to such data objects. In this scheme, first, the access policies of such data objects are amended by adding dummy attributes. Second, we control the secret key components associated with the dummy attributes or revoke the dummy attributes to prevent users from continuously accessing specific parts or all data objects from this kind of data set. Finally, we carry on the efficiency and security analysis of the scheme. The analysis results show that the scheme is efficient and safe.</p>\\n </div>\",\"PeriodicalId\":50380,\"journal\":{\"name\":\"IET Information Security\",\"volume\":\"2024 1\",\"pages\":\"\"},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2024-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/6963475\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Information Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/2024/6963475\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Information Security","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/2024/6963475","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

基于密文策略属性的加密（CP-ABE）是一种适用于云存储安全数据共享的加密方案。基于网格理论的 CP-ABE 具有抵御量子攻击的特性。同一数据拥有者上传到云的一些数据对象可能会引起利益冲突，或者它们的组合可能会暴露敏感信息。本文基于环误差学习（R-LWE）问题，提出了一种网格上的可撤销 CP-ABE 方案，对用户访问此类数据对象实施访问控制约束。在该方案中，首先，通过添加虚拟属性来修改此类数据对象的访问策略。其次，我们控制与假属性相关的秘钥组件或撤销假属性，以防止用户持续访问此类数据集中的特定部分或全部数据对象。最后，我们对方案进行了效率和安全性分析。分析结果表明，该方案是高效和安全的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

Lattice-Based CP-ABE Access Control for SDS Constraint with Lazy Assignment of Attributes and Attribute Revocation

查看原文本刊更多论文

Lattice-Based CP-ABE Access Control for SDS Constraint with Lazy Assignment of Attributes and Attribute Revocation

Ciphertext-policy attribute-based encryption (CP-ABE) is a cryptographic scheme suitable for secure data sharing on cloud storage. The CP-ABE based on lattice theory has the property of resisting quantum attack. Some data objects uploaded to the cloud by the same data owner may cause conflicts of interest, or their combination may expose sensitive information. This paper proposes a revocable CP-ABE scheme on the lattice, based on ring learning with error (R-LWE) problem, to enforce access control constraints on user access to such data objects. In this scheme, first, the access policies of such data objects are amended by adding dummy attributes. Second, we control the secret key components associated with the dummy attributes or revoke the dummy attributes to prevent users from continuously accessing specific parts or all data objects from this kind of data set. Finally, we carry on the efficiency and security analysis of the scheme. The analysis results show that the scheme is efficient and safe.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IET Information Security 工程技术-计算机：理论方法

CiteScore

3.80

自引率

7.10%

发文量

审稿时长

8.6 months

期刊介绍： IET Information Security publishes original research papers in the following areas of information security and cryptography. Submitting authors should specify clearly in their covering statement the area into which their paper falls. Scope: Access Control and Database Security Ad-Hoc Network Aspects Anonymity and E-Voting Authentication Block Ciphers and Hash Functions Blockchain, Bitcoin (Technical aspects only) Broadcast Encryption and Traitor Tracing Combinatorial Aspects Covert Channels and Information Flow Critical Infrastructures Cryptanalysis Dependability Digital Rights Management Digital Signature Schemes Digital Steganography Economic Aspects of Information Security Elliptic Curve Cryptography and Number Theory Embedded Systems Aspects Embedded Systems Security and Forensics Financial Cryptography Firewall Security Formal Methods and Security Verification Human Aspects Information Warfare and Survivability Intrusion Detection Java and XML Security Key Distribution Key Management Malware Multi-Party Computation and Threshold Cryptography Peer-to-peer Security PKIs Public-Key and Hybrid Encryption Quantum Cryptography Risks of using Computers Robust Networks Secret Sharing Secure Electronic Commerce Software Obfuscation Stream Ciphers Trust Models Watermarking and Fingerprinting Special Issues. Current Call for Papers: Security on Mobile and IoT devices - https://digital-library.theiet.org/files/IET_IFS_SMID_CFP.pdf